GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
263 advisories
The equipment grants a JWT token for each connection in the timeline, but during an active valid...
High · Unreviewed · CVE-2025-64386 was published Oct 31, 2025

Nagios Fusion versions prior to R2.1 contain a vulnerability due to the application not requiring...
High · Unreviewed · CVE-2025-34269 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.1.3 did not invalidate all other active sessions for a user...
Critical · Unreviewed · CVE-2024-13996 was published Oct 31, 2025

On affected platforms, if SSH session multiplexing was configured on the client side, SSH...
Moderate · Unreviewed · CVE-2025-54547 was published Oct 30, 2025

An insufficient session expiration vulnerability [CWE-613] and an incorrect authorization...
High · Unreviewed · CVE-2024-33507 was published Oct 14, 2025

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL VPN 7.6.0 through 7.6.2...
Moderate · Unreviewed · CVE-2025-25252 was published Oct 14, 2025

IBM Transformation Extender Advanced 10.0.1 does not invalidate session after logout which...
Moderate · Unreviewed · CVE-2023-49881 was published Oct 1, 2025

CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An...
Low · Unreviewed · CVE-2025-35433 was published Sep 17, 2025

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One prior to...
Moderate · Unreviewed · CVE-2025-10223 was published Sep 10, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=...
Low · Unreviewed · CVE-2024-41985 was published Aug 12, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform...
Moderate · Unreviewed · CVE-2025-36040 was published Jul 31, 2025

Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car...
High · Unreviewed · CVE-2025-50486 was published Jul 28, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Online...
High · Unreviewed · CVE-2025-50485 was published Jul 28, 2025

Improper session invalidation in the component /bbdms/change-password.php of PHPGurukul Blood...
High · Unreviewed · CVE-2025-50487 was published Jul 28, 2025

Improper session invalidation in the component /crm/change-password.php of PHPGurukul Small CRM...
High · Unreviewed · CVE-2025-50484 was published Jul 28, 2025

Improper session invalidation in the component /library/change-password.php of PHPGurukul Online...
High · Unreviewed · CVE-2025-50488 was published Jul 28, 2025

Improper session invalidation in the component /banker/change-password.php of PHPGurukul Bank...
High · Unreviewed · CVE-2025-50491 was published Jul 28, 2025

HCL iAutomate is affected by an insufficient session expiration. This allows tokens to remain...
High · Unreviewed · CVE-2025-31952 was published Jul 24, 2025

An insufficient session expiration vulnerability [CWE-613] in FortiSandbox FortiSandbox version 4...
Moderate · Unreviewed · CVE-2024-27779 was published Jul 18, 2025

Insufficient Session Expiration vulnerability in ABB Lite Panel Pro. This issue affects Lite Panel...
Moderate · Unreviewed · CVE-2025-4407 was published Jun 30, 2025

MICROSENS NMP Web+ contain JSON Web Tokens (JWT) that do not expire, which could allow an...
High · Unreviewed · CVE-2025-49152 was published Jun 26, 2025

An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0,...
Moderate · Unreviewed · CVE-2024-50562 was published Jun 10, 2025

IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate · Unreviewed · CVE-2025-25019 was published Jun 3, 2025

IBM Planning Analytics Local 2.0 and 2.1 does not invalidate session after a logout which could...
Moderate · Unreviewed · CVE-2025-33005 was published Jun 1, 2025

The TeleMessage service through 2025-05-05 implements authentication through a long-lived...
Moderate · Unreviewed · CVE-2025-48929 was published May 28, 2025